Vulnerability Management SME in Washington, DC at APEX Systems

Date Posted: 6/14/2018

Job Snapshot

Job Description

Job #:  848977

Vulnerability Management SME

Bolling AFB (some travel to Andrews AFB required- 25% of time)

Candidates must be US citizens and able to obtain and/or maintain a Department of Defense Secret security clearance as a condition of employment

Job Description

The selected candidate will manage vulnerabilities to ensure a security posture in accordance with DISA/DOD guidance for an 18,000-person network.  They will coordinate and provide direction to functional experts to minimize vulnerabilities and ensure client health supporting to the Air Force National Capital Region ITS Network Control Center.

Qualifications:

B.S. degree and minimum of 7-10 years of related experience in Cyber Security and vulnerability management. Five years' experience with security programs, policy development, security life cycle management, and security risk assessment.

Candidate must possess and maintain a current DoDD 8570.1 approved certification at IAT level II or above (minimum for IAM-Level I/IAT Level 2 positions).  Current valid certifications include:  GSEC, Security+ CE, SSCP, CCNA-Security, CAP, GSLC, CISM, CISSP, or CASP CE)

Responsibilities:

Manage Vulnerability processes by leveraging and analyze ACAS reporting system data. Analyze vulnerability scan results and report on aggregated vulnerabilities. Identify false positives and risk acceptance candidates. Understand and communicate risks associated with vulnerabilities. Facilitate vulnerability remediation strategies. Performs periodic and on-demand system audits and vulnerability assessments.

Provides guidance to system administrators to minimize vulnerabilities and ensure compliance with DoD and Air Force CND directives

Provide recommendations to leadership and government representatives on vulnerability management and cyber security posture. May serve as a technical team or task leader.

Maintain current knowledge of relevant technologies as assigned. Participates in special projects as required.

Ensure compliance with Cyber Command Readiness Inspection (CCRI) CND Directives and the implementation of those requirements.

Direct, compile, and provide guidance for compliance with specific security guidance documents including DISA STIGS

Skills:

Strong interpersonal, oral and written communication skills

Ability to interpret data, trends, and produce reports

Ability to draft and review a Plan of Action & Milestone (POA&Ms) and ensure they are developed/maintained/tracked through complete remediation.  

Knowledge:

Working knowledge of the Host Based Security System (HBSS), Tanium, and System Center Configuration Manager (SCCM).

Knowledge of Intrusion Detection Systems, Intrusion Prevention Systems, Public Key Infrastructure, and preparing security related documentation.

Understanding of security issues related to vulnerability management across Windows, Red Hat, Linux/Unix and database systems.

Experience with Remedy ticketing system; submitting and processing tickets, and generating reports.

Experience with Risk Management Framework (RMF) processes and procedures, as well as FISMA and NIST standards across all phases of Security Life Cycle Management. Some knowledge of Assessment & Authorization (A&A) processes to ensure DoD networks satisfy requirements necessary to achieve and maintain proper Authorization to Operate (ATO) and Authorization to Connect (ATC) certifications. Experience with Enterprise Mission Assurance Support Service (eMASS).

 

 

 

 

 

 

 

 

EEO Employer

Apex is an Equal Employment Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at employeeservices@apexsystemsinc.com or 844-463-6178.